There is a number of various methods for authenticating and signing electronic files. WO 2007/034255 discloses a method wherein a centralised digital signature providing system is applied for digitally signing electronic files submitted to it on behalf of remote users utilising digital signatures which include the users' biometric data. By means of the biometric data (for example, data related to a handwritten signature) the digital signature can be linked to the signatory, while the invention provides that the digital signature can only be applied to the electronic file in a supervised and authenticated manner. The method has the disadvantage that the verification of the data sent back by the remote user, as well as the management of biometric data, are not sufficiently secure.
In U.S. Pat. No. 6,735,695 B1 a solution is disclosed wherein authentication is performed using only a portion of biometric data rather than the entire biometric sample. For enhanced security it is thereby provided that the full biometric sample is not transmitted. The partial biometric sample applied for authentication can also be selected using a random number. A disadvantage of this known solution is that data reduction (transformation) is not carried out, and thus by eavesdropping on the communication lines for partial biometrics unauthorised persons may sooner or later capture the full biometric information. A further disadvantage of the solution is that the biometric sensor records the full biometric sample, and the partial biometrics are selected from the full sample. Recording the full biometric sample constitutes a significant vulnerability.
US 2008/0209227 A1 discloses a solution wherein a transformed, reduced version of the biometric sample is generated. The reduced biometric data or reduced biometric digest may contain different characteristic features of the biometric sample, such as its linear sections. In US 2010/0066493 A1 a solution related to a random projection transform of biometric data is disclosed. These known solutions also have the above mentioned drawbacks.
The object of the invention is to provide methods for digital signing and for authentication that eliminate the drawbacks of prior art solutions to the greatest possible extent.
The object of the invention has been achieved by the methods according to claims 1, 16, 23, 26 or 27.
Preferred embodiments of the invention are defined in the dependent claims.